CVE-2023-53984

HIGH 8.4

HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path

CVSS Score

8.4

EPSS Score

0.0%

EPSS Percentile

0th

Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attackers can exploit the misconfigured service path to inject and execute arbitrary code by placing malicious executables in specific file system locations.

CWE	CWE-428
Vendor	clevo
Product	hotkey clipboard
Published	Jan 13, 2026
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for clevo hotkey clipboard

Be the first to know when new high vulnerabilities affecting clevo hotkey clipboard are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

clevo / HotKey Clipboard

2.1.0.6

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/51206 web.archive.org: https://web.archive.org/web/20200713203236/https://www.clevo.com.tw/index-en.asp vulncheck.com: https://www.vulncheck.com/advisories/hotkey-clipboard-privilege-escalation-unquoted-service-path

Credits

Wim Jaap van Vliet